1. GENERAL INFORMATION
2. DATA CATEGORIES
3. ORIGIN OF THE DATA
4. PROCESSING PURPOSES
5. LAWFULNESS OF PROCESSING
6. CATEGORIES OF RECIPIENTS
7. DURATION OF DATA STORAGE
8. DATA SECURITY
9. SPECIFIC INFORMATION ON DATA PROCESSING ON OUR WEBSITES
10. YOUR RIGHTS
1.2 CONTROLLER AND CONTACT PERSON FOR DATA PROTECTION
The Controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of Personal and Business Data ("Data"). The Controller within the meaning of the GDPR and the applicable national data protection laws (esp. FDPA) and other data protection provisions is:
Hyperganic Group GmbH
Legal representative: Lin Kayser
You can reach the data protection officer at firstname.lastname@example.org
The categories of data we process depend on your interactions with us and may include one or more of the following data categories.
2.1 CONTACT AND BUSINESS DATA
For the use of certain Services, contact data may be processed. Contact data consists of last name, first name, corporate/business email address, corporate/business physical address, corporate/business phone number, country of origin and similar contact information, including in some circumstances usernames and passwords. These may be supplemented by further business data such as position, company name and other similar information.
2.2 COMMUNICATION AND TRANSACTION DATA
Communication data refers to the data resulting from your interaction with us, e.g., emails, direct/chat messages, video meetings or telephone calls, software downloaded, questions asked in user forums, and product interest information. We may also collect registration information related to your attendance at one of our events, including travel information, scheduling information, food preferences or allergies, and accessibility requests.
2.3 DEVICE AND BROWSER DATA
When you visit or use one of our websites, platforms or applications, online and technical information from your computer or mobile device may be collected, such as: device type, location, information about the browser type and version, the operating system and version, the ISP or mobile carrier, the IP Address (or proxy server) and geographic areas derived from your IP address, time and date of access, duration of access, referring URL (if any), and identifiers that help us recognize your device and validate that you are a licensed user.
In most cases, you provide the Data directly to us by accessing one of our websites or by registering and/or using one of the Services. We may also obtain Data from your employer in the context of providing the Services or from third party suppliers, social networks, or partners.
4.1 PROVIDING THE REQUESTED SERVICE
We process your Data to fulfill our contractual obligations to you, including to:
4.2 COMMENTS AND QUESTIONS
If you contact us via our website, via email or in any other way, we process your Data to understand and respond to your request and to provide customer service. In such circumstances, your request might be internally forwarded to the responsible department at HYPERGANIC.
4.3 SALES & MARKETING ACTIVITIES
We may use your corporate/business email address for direct advertising, to communicate news about upcoming events, products, and services, and for surveys according to Art. 6 Para. 1 (a) or (f) GDPR. We also use your corporate/business email address, which we receive in connection with the sale of a product or service, for direct advertising of products or services similar to the ones you ordered.
Our marketing emails permit you to opt-out of receiving further communications by selecting the “unsubscribe” link. In addition, you may opt-out from marketing communication at any time by contacting email@example.com.
To improve performance of the Services, to assess and improve the customer and user experience, to identify future opportunities for development of the Services, and to assess capacity requirements, we may analyze aggregated, anonymized or statistical information based on Data (Art. 6 Para. 1 (f) GDPR).
4.5 SECURITY & COMPLIANCE
We may analyze your Data to maintain the security of the Services and facilities, to enforce our terms and conditions; to protect against, investigate and deter fraudulent, unauthorized, or illegal activity; and to avoid and detect attacks on our website or applications or misuse of our Services.
When we collect and use your Data, we will only do so where at least one of the following applies:
Your Data may be transferred to affiliates and partners of HYPERGANIC as well as to a limited number of service providers (Processors) that perform processing operations such as data storage, hosting or communication services. These service providers process Data on our instructions only and have implemented state-of-the-art technical and organizational measures to safeguard the processed data. All Processors have been selected carefully and are closely monitored. The following is a list of the names of HYPERGANIC’s key sub-processors and the purposes for which they process Data (as changed from time to time):
|Amazon Web Services (AWS)||Cloud infrastructure hosting|
|Digital Ocean||Cloud infrastructure hosting|
|Atlassian Jira||Development tracking tool|
|Microsoft (Office 365)||Email hosting, storage|
|Zoom Video Communications||Video telephony software program|
Your Data will be deleted upon your request or as soon as it is no longer required to achieve the purpose for which the Data has been collected, namely, to provide the requested Services. If legal regulations (e.g., by fiscal, commercial, or contractual law) apply that require longer storage of your Data, or if we need your Data to assert legal claims or defend against legal claims, we will store your Data until the expiration of the corresponding storage period or until the settlement of the claims.
Any user account and its related data in applications where we act as Controller will be deleted upon your request or after three years of inactivity.
Data is protected by us by means of suitable technical and organizational measures in order to ensure an appropriate level of protection and to safeguard the personal rights of the persons concerned. The measures taken serve, among other things, to prevent unauthorized access to the technical equipment used by us and to protect Data from unauthorized disclosure by third parties. In particular, this website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as your contact requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties. Nevertheless, we would like to point out that data transmission on the internet (e.g. when communicating by e-mail) can have security gaps. A complete protection of the data against access by third parties is therefore not possible.
9.1 CALLING UP AND VISITING OUR WEBSITE – SERVER LOG FILES
For the purpose of the technical provision of the website, it is necessary that we process certain information automatically transmitted by your browser so that our website can be displayed in your browser and you can use the website. This information is automatically collected each time our website is called up and automatically stored in so-called server log files. These are:
9.2 COOKIES – SESSION IDS
Cookies are text files that are stored on a computer system via an internet browser. There are different categories of cookies, mainly (i) technical cookies necessary for the basic website functionality, (ii) functional cookies that enhance functions and performance and (iii) analyzing/marketing cookies that track website activity.
On our websites, we only use so-called session IDs or session tokens. A session ID is a unique identifier that a website assigns to a specific user for the duration of the session, to keep track of visitor activity for user authentication purposes. A session ID is a technical cookie which is necessary for the functionality of the website and is automatically deleted once the user ends the session.
Apart from that, we have designed our websites so that no cookies are used. A tracking or analysis is also not carried out.
9.3 NEWSLETTER - MAILCHIMP
When you sign up for our newsletter, you submit to us your first name, last name and corporate/business email address and give us the right to contact you by email (Art. 6 Para. 1 (a) GDPR). We use the data stored as part of the registration for the newsletter exclusively for our newsletter.
If you unsubscribe from the newsletter - you will find the link for this at the very bottom of each newsletter - we will delete all data that was stored with the newsletter registration.
We send newsletters with MailChimp and use functions of the newsletter service MailChimp of the company The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308 USA on this website to collect newsletter registrations.
GENERAL INFORMATION ABOUT MAILCHIMP
If you sign up for our newsletter on our website, the data you enter will be stored by MailChimp.
DELETION OF YOUR DATA
You can withdraw your consent to receive our newsletter at any time within the email received by clicking on the link at the bottom. Once you have unsubscribed by clicking on the unsubscribe link, your data will be deleted from MailChimp.
When you receive a newsletter via MailChimp, information such as IP address, browser type and email program is stored to give us information about the performance of our newsletter. MailChimp can determine if the email has arrived, if it has been opened and if links have been clicked by means of images called web beacons (details can be found at https://kb.mailchimp.com/reports/about-open-tracking) integrated in the HTML emails. All this information is stored on MailChimp's servers, not on this website.
MAILCHIMP DATA PROCESSING AGREEMENT
We have concluded a data processing addendum (DPA), including Standard Contractual Clauses (SCC), with MailChimp. This contract serves to safeguard your Data and ensures that MailChimp adheres to the applicable data protection regulations and does not pass on your Data to third parties.
You can find more information about this contract at https://mailchimp.com/de/legal/data-processing-addendum/.
9.4 IP GEOLOCATION
We use a program on our website to locate your location via IP address. This program is used to display the website in the language relevant to you. Your location is determined by a service provider to whom only your current IP address is transmitted. As a result, the service provider returns the following data:
City, continent, country, country code, host name at the time of query, IP type, Internet service provider, longitude, latitude, organization, the transmitted IP address, region (state).
With this data we are able to show you the website in the language relevant to you. The data will not be stored by us. Art. 6 Para. 1 (f) GDPR serves as the legal basis for the temporary processing of this data, as our legitimate interest is to be able to provide you with a user-friendly website in the relevant language.
Our website uses plugins of the video platform YouTube to embed videos and play them directly on our website. The operator of the video platform is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA ("YouTube"). YouTube is an affiliated company of Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google").
The integration of YouTube videos takes place in the so-called "extended data protection mode", which, according to the provider, only initiates the storage of user information when the video(s) is/are played. However, the transfer of data to YouTube partners is not necessarily excluded by the extended data protection mode. Thus, YouTube establishes a connection to the Google DoubleClick network - regardless of whether you watch a video.
If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account before activating the play button.
YouTube is used in the interest of an appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 Para. 1 (f) GDPR.
On our pages, functions of the music service Spotify are integrated. The provider is Spotify AB, Birger Jarlsgatan 61, 113 56 Stockholm in Sweden. You can recognize the Spotify plugins by the green logo on our site. An overview of the Spotify plugins can be found at: https://developer.spotify.com. This allows a direct connection between your browser and the Spotify server to be established via the plugin when you visit our pages. Spotify thereby receives the information that you have visited our site with your IP address. If you click the Spotify button while logged into your Spotify account, you can link the content of our pages on your Spotify profile. This allows Spotify to associate the visit to our pages with your user account. If you do not want Spotify to be able to associate the visit to our pages with your Spotify user account, please log out of your Spotify user account.
The processing is done to enable you to learn more about us via HYPERGANIC related podcasts.
The processing is necessary to protect the overriding legitimate interests of the controller (Art. 6 Para. 1(f) GDPR). Our legitimate interest lies in the purpose named in the previous paragraph.
9.7 SOCIAL NETWORKS
9.8 LINKS TO OFFERINGS OF THIRD PARTIES
Websites as well as services of other providers linked to from this website were and are designed and provided by third parties. We have no influence on the design, content and function of these third-party services. We expressly distance ourselves from all content of all linked third-party services. Please note that the third-party services linked from this website may install their own cookies on your terminal device or collect Data. We have no influence on this. Please inform yourself directly with the providers of these linked third-party offers.
Upon request, we will inform you whether and which data we have stored about you. Insofar as the legal requirements are met, you have the right to have this data corrected, blocked or deleted. You also have the right to receive Data which you have provided to us, in a structured, commonly used, and machine-readable format and have the right to transmit those data to another Controller under conditions and in accordance with the Regulation.
Insofar as we process your data on the basis of the balancing of interests, you have a right of objection if the legal requirements are met.
Where we are relying on consent to process your Data you may withdraw your consent at any time for the future. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent.
You may exercise your rights by contacting us in writing, with a proof of your identity, at firstname.lastname@example.org.
If you are resident of the EU, you also have the right to direct questions or complaints to the lead supervisory authority.